FC3 Security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I'm have a half-million dollar grant for research and with some of this money I recently assembled a computer with dual opteron processors, 2gb of memory, 240 gb of hard drive, and 500 gb for a raid disk array. The computer will be doing some heaving duty number crunching (using R and other open source software). I installed FC3 (64-bit) without any problems, applied to the university computer dept. for an IP address (and received an IP) for one of the ports in my office and started working. The next day the "local" IT dept. (such as it is) for the "data center" told me I had to disconnect from the port as my computer was a "risk" to their data center. First they said that because my computer was connected to the same subnet as the data center that this computer, if hacked, would pose a threat to their computers. They consider my computer to be a "server" because I was using ssh to connect remotely to it. When I said I would eliminate ssh, then they said that they don't support Linux systems and won't allow it to be connected. If they don't control the computer (by installing Windows XP), then the computer is a threat to their system because it is on the same subnet. (The university gives out IP addresses and actually owns the network. Various departments and groups rent ports.)

When I checked further, it turns out that the building I'm in actually has 3 subnets. Which subnet you're on depends not on the department or group but purely where you happen to be located. As it turns out, I'm not on the same subnet as the data center. It also turns out that many other people outside the data center happen to be on the same subnet as the data center yet the data center doesn't feel that it's threatened by these computers (the IT people have no idea what these other computers are or how secure they are). When I asked them about this, they said, your office is within the walls of the data center, if your computer is hacked they will be blamed. They said it's their port (even though it's in my office and no one else will have access to it or be able to use it.) I said I'll buy my own port. They said it will be a threat to them and they will be blamed.

Is there any truth to what the IT people are saying or are they simply insane (or control freaks or both)?

In the next couple of days I will be speaking with the department head (the data center is a small part of the department and my grant is totally independent of the data center). If I can't get her to see reason and force the data center to act reasonably, I think I have the following options for connecting my FC3 computer to the Internet:

1) get a separate project office outside of the data center (inconvenient to have two offices blocks or farther apart),

2) get a DSL data line installed (about $130/month for 512K - kind of expensive),

3) use Verizon Wireless Broadband (very fast [512K], $80/month - not cheap but I could take the PC 5220 card out and use in the evenings and weekends),

4) take the computer and 20 in lcd monitor home, connect it to the DSL line, and do the work at home.

What would you recommend? If I'm going to complete this project on time, I can't have any more time wasted. So I need to get this resolved.

Rick B.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux